# powershellempire/empire

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/powershellempire-empire).**

7,843 stars · 2,929 forks · PowerShell · BSD-3-Clause · archived

## Links

- GitHub: https://github.com/PowerShellEmpire/Empire
- Homepage: http://www.powershellempire.com/
- awesome-repositories: https://awesome-repositories.com/repository/powershellempire-empire.md

## Description

Empire is a post-exploitation framework and command and control server designed to manage remote access agents. It provides a centralized system for coordinating these agents and executing specialized scripts across target systems.

The project functions as a security evasion tool by adapting network communication patterns to bypass firewalls and monitoring tools. It utilizes a multi-language agent runtime and a modular plugin architecture to execute payloads across different operating systems.

The framework covers a broad range of operational capabilities, including remote agent orchestration, privilege escalation workflows, and intelligence gathering. It also manages the deployment and lifecycle of remote agents to maintain persistent system control.

## Tags

### Part of an Awesome List

- [Command and Control](https://awesome-repositories.com/f/awesome-lists/devops/command-and-control.md) — Provides a centralized command and control server for managing post-exploitation agents.
- [Evasion Tooling](https://awesome-repositories.com/f/awesome-lists/security/evasion-tooling.md) — Adapts network communication patterns to bypass firewalls and security monitoring tools.
- [Security And Privacy](https://awesome-repositories.com/f/awesome-lists/security/security-and-privacy.md) — Agent-based post-exploitation framework.

### DevOps & Infrastructure

- [Agent Deployment](https://awesome-repositories.com/f/devops-infrastructure/remote-management-agents/agent-deployment.md) — Provides mechanisms to install agents on target operating systems to establish remote control channels. ([source](https://github.com/powershellempire/empire#readme))

### Programming Languages & Runtimes

- [Multi-Language Agent Runtimes](https://awesome-repositories.com/f/programming-languages-runtimes/multi-language-agent-runtimes.md) — Leverages both PowerShell and Python runtimes to execute payloads across diverse operating system targets.

### Security & Cryptography

- [Network Traffic Obfuscators](https://awesome-repositories.com/f/security-cryptography/network-traffic-obfuscators.md) — Modifies communication patterns between agents and the server to evade network security monitoring.
- [Post-Exploitation Frameworks](https://awesome-repositories.com/f/security-cryptography/post-exploitation-frameworks.md) — Functions as a comprehensive framework for managing compromised systems after initial access.
- [Remote Access Trojans](https://awesome-repositories.com/f/security-cryptography/remote-access-trojans.md) — Deploys agents that establish covert communication channels for persistent remote system control.
- [Remote Script Execution](https://awesome-repositories.com/f/security-cryptography/remote-script-execution.md) — Executes targeted scripts on remote hosts for intelligence gathering and privilege escalation. ([source](https://github.com/powershellempire/empire#readme))
- [Traffic Obfuscators](https://awesome-repositories.com/f/security-cryptography/traffic-obfuscators.md) — Modifies network traffic to mimic legitimate web activity and bypass security filters.
- [Command Polling](https://awesome-repositories.com/f/security-cryptography/c2-server-hosting/command-polling.md) — Uses asynchronous HTTP polling to retrieve tasks from the C2 server without maintaining persistent connections.
- [Privilege Escalation Tools](https://awesome-repositories.com/f/security-cryptography/privilege-escalation-tools.md) — Ships specialized scripts to identify and exploit misconfigurations to gain administrative control.
- [Detection Evasion](https://awesome-repositories.com/f/security-cryptography/security/operations-and-incident-response/network-intrusion-detection/detection-evasion.md) — Adapts communication patterns to avoid discovery by network security monitoring and intrusion detection systems. ([source](https://github.com/powershellempire/empire#readme))
- [Information Gathering Tools](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/information-gathering-tools.md) — Includes modules for extracting sensitive information and mapping internal networks during reconnaissance.

### System Administration & Monitoring

- [Agent Orchestration](https://awesome-repositories.com/f/system-administration-monitoring/agent-orchestration.md) — Coordinates the deployment and control of lightweight agents to execute commands via secure channels.

### Data & Databases

- [Payload Serialization](https://awesome-repositories.com/f/data-databases/data-transformation/payload-serialization.md) — Encodes and encrypts command and result payloads to evade network inspection tools.

### Software Engineering & Architecture

- [Asynchronous Task Queues](https://awesome-repositories.com/f/software-engineering-architecture/asynchronous-task-queues.md) — Implements an asynchronous task queue to decouple command submission from agent execution.
- [Modular Plugin Architectures](https://awesome-repositories.com/f/software-engineering-architecture/modular-plugin-architectures.md) — Employs a modular architecture to load specialized post-exploitation scripts as independent plugins.